TMG Beta 3 Brings SSTP Capability

TMG Beta 3 Brings SSTP Capability

Now that TMG Beta 3 is released you can enjoy the best of both words for VPN access. In the past I was questioned about SSTP on ISA Server 2006 since Windows Server 2008 was capable to do it. The sad answer was that ISA Server 2006 didn’t have this feature built in. But now you can use TMG and select SSTP the same way as another protocol as shown in Figure 1:

Figure 1 – SSTP available in TMG Console.

When configuring SSTP on TMG you will need to carefully plan:

·Web Listener that will be used by SSTP.

·Certificate that is going to be bound to the Web Listener.

Besides that you will need Windows Vista with SP1 on the client workstation to test this new feature.

Troubleshooting Client Access

Since I’m working remotely some these days I was able to reproduce some of the nice errors that I didn’t have when I was in my home lab. Today for example I got the following error when I was trying to connect from my laptop:

Figure 2 – First error due the cert name.

That was pretty self explanatory, but just to confirm the name that I used to issue the certificate I got a netmon trace and got the subject name: